CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

10 matches found

Positive Technologies•added 2026/05/08 12:0 a.m.•11 views

PT-2026-38909

Kavita is a cross platform reading server. Prior to 0.9.0, the download, size-check, and chapter metadata endpoints do not enforce library-level authorization. A low-privileged user who knows or guesses a chapterId, volumeId, or seriesId belonging to a library they are not assigned to can downloa...

5.9CVSS5.7AI score0.0025EPSS

Exploits0References3

Positive Technologies•added 2026/05/08 12:0 a.m.•9 views

PT-2026-38908

Kavita is a cross platform reading server. Prior to 0.9.0, the ReaderController.GetImage endpoint is decorated with AllowAnonymous, allowing completely unauthenticated access to page images from any chapter in any library. While the endpoint accepts an apiKey parameter, it is never validated. Sin...

6.9CVSS5.7AI score0.00281EPSS

Exploits0References4

SUSE CVE•added 2026/04/09 11:29 p.m.•6 views

SUSE CVE-2026-5900

Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protections via a crafted HTML page. Chromium security severity: Low...

7.3AI score0.00159EPSS

Exploits0References3

EUVD•added 2026/04/09 12:32 a.m.•3 views

EUVD-2026-20724

Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protections via a crafted HTML page. Chromium security severity: Low...

5.9AI score0.00159EPSS

Exploits0References3

OSV•added 2026/04/08 10:16 p.m.•3 views

DEBIAN-CVE-2026-5900

Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protections via a crafted HTML page. Chromium security severity: Low...

4.3CVSS8.4AI score0.00159EPSS

Exploits0References1

NVD•added 2026/04/08 10:16 p.m.•2 views

CVE-2026-5900

Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protections via a crafted HTML page. Chromium security severity: Low...

4.3CVSS0.00159EPSS

Exploits0References2

UbuntuCve•added 2026/04/08 10:16 p.m.•3 views

CVE-2026-5900

Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protections via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00159EPSS

Exploits0References3

Cvelist•added 2026/04/08 9:20 p.m.•18 views

CVE-2026-5900

Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protections via a crafted HTML page. Chromium security severity: Low...

Exploits0References2

ATTACKERKB•added 2026/04/08 9:20 p.m.•2 views

CVE-2026-5900

Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protections via a crafted HTML page. Chromium security severity: Low...

5.9AI score0.00159EPSS

Exploits0References3Affected Software1

AlpineLinux•added 2026/04/08 9:20 p.m.•3 views

CVE-2026-5900

Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protections via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00159EPSS

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by